Ruby on rails 如何使用回形针从s3访问同一Ruby on Rails应用程序中的私有和公共图像
应用程序 我正在编写一个应用程序,需要从用户那里获取图片并将其保存在AWS S3 bucket中 app/models/picture.rbRuby on rails 如何使用回形针从s3访问同一Ruby on Rails应用程序中的私有和公共图像,ruby-on-rails,paperclip,aws-sdk-ruby,Ruby On Rails,Paperclip,Aws Sdk Ruby,应用程序 我正在编写一个应用程序,需要从用户那里获取图片并将其保存在AWS S3 bucket中 app/models/picture.rb class Picture < ActiveRecord::Base include Paperclip::Glue belongs_to :user scope :active_objects, -> { where(is_deleted: false)} has_attached_file :image, :s
class Picture < ActiveRecord::Base
include Paperclip::Glue
belongs_to :user
scope :active_objects, -> { where(is_deleted: false)}
has_attached_file :image,
:styles => {:medium => "800>", :small => "480>", :thumb => "100>"},
:convert_options => {:medium =>'-quality 90', :small =>'-quality 80', :thumb => '-quality 50' },
:storage => :s3,
:url => ":s3_domain_url",
:path => 'pictures/:id/image/:style/:basename.:extension',
# :s3_permissions => :private,
:s3_region => 's3-ap-southeast-1.amazonaws.com',
:s3_endpoint => 's3-ap-southeast-1.amazonaws.com',
:s3_credentials => Proc.new { |a| a.instance.s3_credentials }
def s3_credentials
{:bucket => App.secrets.bucket_name, :access_key_id => App.secrets.aws_access_key_id,
:secret_access_key => App.secrets.aws_secret_access_key}
end
def url(style_name = :original, time = 30.minutes.to_i)
image.s3_permissions == :private ? (image.expiring_url(time, style_name)) : (image.url(style_name))
end
end
响应中的url会在浏览器选项卡中打开一个图像,但之前上传的图像(Picture.first)仍然无法访问。当我尝试打开url时,它会给出以下信息
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>6423906A78A3FDFF</RequestId>
<HostId>
fowfNEi6+mM265iGig+jhT1/ih2P7yhPzNegHiS9Q6NrP4mnGNKkXFDefLva85tjAQ0uNbenYew=
</HostId>
</Error>
此外,他们的s3_权限将作为公共_读取
>> Picture.first.image.s3_permissions
A, [2018-05-01T01:18:05.171381 #94266] ANY -- : 2018-05-01 01:18:05 +0530 severity=DEBUG, Picture Load (0.7ms) SELECT "pictures".* FROM "pictures" ORDER BY "pictures"."id" ASC LIMIT $1 [["LIMIT", 1]]
=> :public_read
您必须在S3端配置此访问 把这个放在你的bucket策略中:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::your_bucket_name/*"
}
]
}
嗨,谢谢你的回答。你能解释一下这个代码的作用吗?另外,在我的bucket策略中加入此选项后,我的私有映像是否会将其s3_权限显示为:private?
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::your_bucket_name/*"
}
]
}